Anonymous hacks US think tank with Christmas spirit
WASHINGTON - The Associated Press
Online hacker group Anonymous claimed it had stolen a trove of emails and credit card information from Stratfor. Hürriyet photoThe loose-knit hacking movement “Anonymous” claimed to have stolen thousands of credit card numbers and other personal information belonging to clients of U.S.-based security think tank Stratfor. One hacker said the goal was to pilfer funds from individuals’ accounts to give away as Christmas donations, and some victims confirmed unauthorized transactions linked to their credit cards.
Anonymous boasted of stealing Stratfor’s confidential client list, which includes entities ranging from Apple Inc. to the U.S. Air Force to the Miami Police Department, and mining it for more than 4,000 credit card numbers, passwords and home addresses.
Anonymous also linked to images online that it suggested were receipts for charitable donations made by the group manipulating the credit card data it stole. “Thank you! Defense Intelligence Agency,” read the text above one image that appeared to show a transaction summary indicating that an agency employee’s information was used to donate $250 to a non-profit.
Austin, Texas-based Stratfor provides political, economic and military analysis to help clients reduce risk, according to a description on its YouTube page. It charges subscribers for its reports and analysis, delivered through the web, emails and videos. The company’s main website was down, with a banner saying the “site is currently undergoing maintenance.” Proprietary information about the companies and government agencies that subscribe to Stratfor’s newsletters did not appear to be at any significant risk, however, with the main threat posed to individual employees who had subscribed.
‘These are just the ‘A’s’
“Not so private and secret anymore?” Anonymous taunted in a message on Twitter, promising that the attack on Stratfor was just the beginning of a Christmas-inspired assault on a long list of targets.
Anonymous said the client list it had already posted was a small slice of the 200 gigabytes worth of plunder it stole from Stratfor and promised more leaks. It said it was able to get the credit card details in part because Stratfor didn’t bother encrypting them, an easy-to-avoid blunder which, if true, would be a major embarrassment for any security-related company.
Fred Burton, Stratfor’s vice president of intelligence, said the company had reported the intrusion to law enforcement and was working with them on the investigation. Stratfor has protections in place meant to prevent such attacks, he said.
Hours after publishing what it claimed was Stratfor’s client list, Anonymous tweeted a link to encrypted files online with names, phone numbers, emails, addresses and credit card account details. “Not as many as you expected? Worry not, fellow pirates and robin hoods. These are just the ‘A’s,” read a message posted online that encouraged readers to download a file of the hacked information.
Anonymous warned it has “enough targets lined up to extend the fun of LulzXmas through the entire next week.” The group has previously claimed responsibility for attacks on credit card companies Visa Inc. and MasterCard Inc., eBay Inc.’s PayPal, as well as other groups in the music industry and the Church of Scientology.